Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

openSUSE: 2025:0091-1 moderate: restic Advisory Security Update

opensuse
Calendar Grey March 15, 2025
Dist Opensuse Esm H88
A security update for restic has been released, addressing CVE-2025-22868 in openSUSE, with a severity rating of moderate for users and admins
An update that fixes one vulnerability is now available

Description

This update for restic fixes the following issues:

- Fixed CVE-2025-22868: golang.org/x/oauth2/jws: Unexpected memory

consumption during token parsing in golang.org/x/oauth2 (boo#1239264)

- Update to version 0.17.3

- Fix #4971: Fix unusable mount on macOS Sonoma

- Fix #5003: Fix metadata errors during backup of removable disks

on Windows

- Fix #5101: Do not retry load/list operation if SFTP connection is

broken

- Fix #5107: Fix metadata error on Windows for backups using VSS

- Enh #5096: Allow prune --dry-run without lock

- Update to version 0.17.2

- Fix #4004: Support container-level SAS/SAT tokens for Azure backend

- Fix #5047: Resolve potential error during concurrent cache cleanup

- Fix #5050: Return error if tag fails to lock repository

- Fix #5057: Exclude irregular files from backups

- Fix #5063: Correctly backup extended metadata when using VSS on Windows

- Update to version 0.17.1

...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory moderate update memory consumption openSUSE restic

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP6:

zypper in -t patch openSUSE-2025-91=1

Package List

- openSUSE Backports SLE-15-SP6 (aarch64 i586 ppc64le s390x x86_64):

restic-0.17.3-bp156.2.3.1

- openSUSE Backports SLE-15-SP6 (noarch):

restic-bash-completion-0.17.3-bp156.2.3.1

restic-zsh-completion-0.17.3-bp156.2.3.1

References

https://www.suse.com/security/cve/CVE-2025-22868.html

https://bugzilla.suse.com/1239264

Announcement ID: openSUSE-SU-2025:0091-1
Rating: moderate
Affected Products: openSUSE Backports SLE-15-SP6 .

Topics%20covered

Topics Covered

security advisory moderate update memory consumption openSUSE restic

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here